asked on
Exchange 2003 Server Queue Filling up!
I've read every article and have done practically everything. I've made sure there isn't an open relay, I've applied Recipient Filtering ( Checked "Filter recipients who are not in the Directory" ), Sender Filtering, Connection Filtering, Sender ID Filtering, I've gone to Default SMTP Virtual Server - Access - Relay and ticked "Only the list below" and unchecked "Allow all computers which successfully authenticate to relay regardless of the list above" as well as left the "Computer list" blank under "Only the list below", I've disabled port 25 on the firewall, changed the admin password, disabled accounts that weren't being used, enabled logging on NDRs and haven't seen the event id 1708 (to see if another account has been compromised), enabled Tar Pit, I've tested to make sure it isn't a DNS problem, and disabled NDR....
I'm still continuing to get hundreds of thousands of NDRs from unrecognized email accounts in the queue. I have no idea what to do to solve this problem :-( If someone could please point me in the right direction I'd appreciate it!
I'm still continuing to get hundreds of thousands of NDRs from unrecognized email accounts in the queue. I have no idea what to do to solve this problem :-( If someone could please point me in the right direction I'd appreciate it!
Windows OSExchangeEmail Servers
Last Comment
stevegarri
Does your server receive emails directly or via a 3rd party filter service?
If direct, trial Vamsoft (www.vamsoft.com) and the pain will go away.
I'm assuming the sender of the messages is Postmaster@yourdomain.loca
Alan
If direct, trial Vamsoft (www.vamsoft.com) and the pain will go away.
I'm assuming the sender of the messages is Postmaster@yourdomain.loca
Alan
Even after closing the holes, you will still see messages pile up for some time afterwards. When a server has been abused, the spammer will send 1000s of messages as quickly as possible and it takes time for Exchange to process them. I have seen email contiue to pile up for six or seven hours after the server was disconnected from the internet. You will just have to wait it out unfortuantely.
Simon.
Simon.
ASKER
The email has been piling up for over 24 hours. Message ID is adsfdjkafh234223@mail.mydo
Sender is noreply@mail.yahoo-inc.com
I've been constantly having to use the aqadmcli.exe tool to clear the queue :-( It's so wierd and I can't figure out where they are coming from. Anyone have any idea how I can stop this?
Sender is noreply@mail.yahoo-inc.com
I've been constantly having to use the aqadmcli.exe tool to clear the queue :-( It's so wierd and I can't figure out where they are coming from. Anyone have any idea how I can stop this?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Yup you were right. A few hours later it ended up leveling off and zero-ing out :-) Exchange is all good! Thanks!
Check the headers on the NDR to see where they originated from. Might not be your IP.